The F5 Security Incident Response Team (F5 SIRT) has an email alias that makes it easy to report potential security vulnerabilities.
• If you’re an F5 customer with an active support contract, please contact F5 Technical Support.
• If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities with any F5 product to the F5 Security Incident Response Team at F5SIRT@f5.com.
In any of these situations, please contact our technical support team first. If our technical support team recognizes a security issue, they’ll flag and escalate it to the F5 Security Incident Response Team.
To send an encrypted message to F5, use the F5 SIRT public PGP key, which is available on multiple public key servers.
F5 doesn’t provide advance notifications to specific recipients. We alert all customers at the same time via our security mailing list. Security patches and advisories are freely available from AskF5.
You can stay connected and receive the latest security information from F5 in the way that works best for you: